This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sendmail:sendmail:8.12.9
Detail
VendorSendmailFirst view 2003-05-15
ProductSendmailLast view2014-06-04
Version8.12.9TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:sendmail:sendmail

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
1.92014-06-04CVE-2014-3956LocalMediumNone Requ...
7.52010-01-04CVE-2009-4565NetworkLowNone Requ...
52009-05-05CVE-2009-1490NetworkLowNone Requ...
52006-08-28CVE-2006-4434NetworkLowNone Requ...
52006-06-07CVE-2006-1173NetworkLowNone Requ...
Hide | Show 4 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52005-06-29CVE-2005-2070NetworkLowNone Requ...
102003-10-06CVE-2003-0694NetworkLowNone Requ...
7.52003-10-06CVE-2003-0681NetworkLowNone Requ...
7.22003-05-15CVE-2003-0308LocalLowNone Requ...

CWE : Common Weakness Enumeration

%idName
40% (2)CWE-399Resource Management Errors
20% (1)CWE-310Cryptographic Issues
20% (1)CWE-200Information Exposure
20% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147XML Ping of Death
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:603Sendmail BO in prescan Function
oval:org.mitre.oval:def:572Sendmail BO in Prescan Function
oval:org.mitre.oval:def:2975Sendmail prescan function Buffer Overflow
oval:org.mitre.oval:def:11253Sendmail before 8.13.7 allows remote attackers to cause a denial of service v...
oval:org.mitre.oval:def:26065SUSE-SU-2014:0872-1 -- Security update for sendmail
Hide | Show 9 More...
idName
oval:org.mitre.oval:def:595Potential BO in Ruleset Parsing for Sendmail
oval:org.mitre.oval:def:3606Sendmail Ruleset Parsing Buffer Overflow
oval:org.mitre.oval:def:6719DSA-1985 sendmail -- insufficient input validation
oval:org.mitre.oval:def:22058RHSA-2010:0237: sendmail security and bug fix update (Low)
oval:org.mitre.oval:def:20232DSA-1985-1 sendmail - insufficient input validation
oval:org.mitre.oval:def:11822HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access.
oval:org.mitre.oval:def:10255sendmail before 8.14.4 does not properly handle a '\0' character in a Common ...
oval:org.mitre.oval:def:23064ELSA-2010:0237: sendmail security and bug fix update (Low)
oval:org.mitre.oval:def:27847DEPRECATED: ELSA-2010-0237 -- sendmail security and bug fix update (low)

Open Source Vulnerability Database (OSVDB)

idDescription
62373Sendmail X.509 Certificate Null Character MiTM Spoofing Weakness
54669Sendmail Mail X-Header Handling Remote Overflow
28193Sendmail Header Processing Overflow DoS
26197Sendmail Multi-Part MIME Message Handling DoS
17562ClamAV clamav-milter Remote Connection Hold DoS
Hide | Show 4 More...
idDescription
9308Debian Sendmail doublebounce.pl Script Insecure Temp File Privilege Escalation
9307Debian Sendmail checksendmail Script Insecure Temp File Privilege Escalation
9306Debian Sendmail expn Script Insecure Temp File Privilege Escalation
2577Sendmail prescan() Function Remote Overflow

OpenVAS Exploits

idDescription
2012-08-10Name : Gentoo Security Advisory GLSA 201206-30 (sendmail)
File : nvt/glsa_201206_30.nasl
2011-02-18Name : RedHat Update for sendmail RHSA-2011:0262-01
File : nvt/gb_RHSA-2011_0262-01_sendmail.nasl
2010-06-25Name : Fedora Update for sendmail FEDORA-2010-5470
File : nvt/gb_fedora_2010_5470_sendmail_fc12.nasl
2010-06-18Name : Fedora Update for sendmail FEDORA-2010-5399
File : nvt/gb_fedora_2010_5399_sendmail_fc11.nasl
2010-04-06Name : RedHat Update for sendmail RHSA-2010:0237-05
File : nvt/gb_RHSA-2010_0237-05_sendmail.nasl
Hide | Show 15 More...
idDescription
2010-03-31Name : HP-UX Update for sendmail with STARTTLS Enabled HPSBUX02508
File : nvt/gb_hp_ux_HPSBUX02508.nasl
2010-01-19Name : Mandriva Update for sendmail MDVSA-2010:003 (sendmail)
File : nvt/gb_mandriva_MDVSA_2010_003.nasl
2010-01-04Name : Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnera...
File : nvt/sendmail_37543.nasl
2009-10-10Name : SLES9: Security update for sendmail
File : nvt/sles9p5014809.nasl
2009-05-13Name : Sendmail Buffer Overflow Vulnerability
File : nvt/gb_sendmail_bof_vuln.nasl
2009-05-05Name : HP-UX Update for sendmail HPSBUX00281
File : nvt/gb_hp_ux_HPSBUX00281.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200606-19 (sendmail)
File : nvt/glsa_200606_19.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-06:17.sendmail.asc)
File : nvt/freebsdsa_sendmail2.nasl
2008-01-17Name : Debian Security Advisory DSA 737-1 (clamav)
File : nvt/deb_737_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-1 (sendmail)
File : nvt/deb_1155_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-2 (sendmail)
File : nvt/deb_1155_2.nasl
2008-01-17Name : Debian Security Advisory DSA 1164-1 (sendmail)
File : nvt/deb_1164_1.nasl
2008-01-17Name : Debian Security Advisory DSA 305-1 (sendmail)
File : nvt/deb_305_1.nasl
2008-01-17Name : Debian Security Advisory DSA 384-1 (sendmail)
File : nvt/deb_384_1.nasl
0000-00-00Name : Slackware Advisory SSA:2006-166-01 sendmail
File : nvt/esoft_slk_ssa_2006_166_01.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2010-A-0002Sendmail SSL Certificate Validation Vulnerability
Severity : Category I - VMSKEY : V0022182

Snort® IPS/IDS

DateDescription
2014-01-10RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 28
2014-01-10RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 28
2014-01-10Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18
2014-01-10Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270 - Type : SERVER-MAIL - Revision : 18
2014-01-10RCPT TO overflow
RuleID : 18574 - Type : SERVER-MAIL - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02915.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02917.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02918.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02919.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02920.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ03121.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ03273.nasl - Type : ACT_GATHER_INFO
2015-03-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-128.nasl - Type : ACT_GATHER_INFO
2015-01-19Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_sendmail_20141120.nasl - Type : ACT_GATHER_INFO
2014-12-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-32.nasl - Type : ACT_GATHER_INFO
2014-08-01Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-147.nasl - Type : ACT_GATHER_INFO
2014-07-05Name : The remote SuSE 11 host is missing a security update.
File : suse_11_rmail-140604.nasl - Type : ACT_GATHER_INFO
2014-06-20Name : The remote Fedora host is missing a security update.
File : fedora_2014-7095.nasl - Type : ACT_GATHER_INFO
2014-06-18Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-425.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote Fedora host is missing a security update.
File : fedora_2014-7093.nasl - Type : ACT_GATHER_INFO
2014-06-06Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2014-156-04.nasl - Type : ACT_GATHER_INFO
2014-06-03Name : The remote mail server is affected by an SMTP connection manipulation vulnera...
File : sendmail_8_14_9.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U477911.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U497412.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72510.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72515.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72528.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72834.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72835.nasl - Type : ACT_GATHER_INFO